Microsoft SQL Server 7.0/7.0 SP1 NULL Data DoS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/817/info If Microsoft SQL Server 7.0 receives a TDS header with three or more NULL bytes as data it will crash. The crash will generate an event in the log with ID 17055 fatal exception EXCEPTIONACCESS VIOLATION. / sqldos...

CVE-2002-0695

CVE-2002-0695 describes a buffer overflow in the Transact-SQL (T-SQL) OpenRowSet component of Microsoft Data Access Components (MDAC) 2.5–2.7, affecting SQL Server 7.0 or 2000. The underlying issue is a buffer overflow in the OpenRowSet path that could allow a remote attacker to execute arbitrary...

CVE-2000-1209

The "sa" account is installed with a default null password on 1 Microsoft SQL Server 2000, 2 SQL Server 7.0, and 3 Data Engine MSDE 1.0, including third party packages that use these products such as 4 Tumbleweed Secure Mail MMS 5 Compaq Insight Manager, and 6 Visio 2000, which allows remote...

CVE-2001-0879

CVE-2001-0879 describes a format-string vulnerability in the C runtime functions used by Microsoft SQL Server 7.0 and 2000. The underlying issue is a format string handling flaw in the C runtime, which can allow an attacker to trigger a denial of service. The available connected documents confirm...

CVE-2002-0056

CVE-2002-0056 concerns Microsoft SQL Server 7.0 and 2000, where a buffer overflow is triggered by a long OLE DB provider name used with OpenDataSource or OpenRowset in an ad hoc connection. The resulting issue can allow an attacker to execute arbitrary code with the SQL Server service account’s p...

CVE-2001-0542

CVE-2001-0542 describes buffer/format-string vulnerabilities in Microsoft SQL Server 7.0 and 2000. The issues affect the built-in formatting functions raiserror, formatmessage, and xp_sprintf, allowing an attacker with SQL Server access to execute arbitrary code or potentially cause a denial of s...

CVE-2001-0879

Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service...

CVE-2001-0344

CVE-2001-0344 describes a privilege-escalation vulnerability in Microsoft SQL Server 2000 Gold and SQL Server 7.0 when running in Mixed Mode. An attacker with local database access could exploit reusing a cached sa administrator connection to gain privileges. The Initial Description states the vu...

CVE-2000-0603

Microsoft SQL Server 7.0 contains a vulnerability where a local user can bypass stored‑procedure permissions by referencing them through a temporary stored procedure, effectively elevating privileges. The issue affects the ability to enforce access controls on stored procedures and is described a...

CVE-2000-0402

CVE-2000-0402 concerns Information Disclosure in Microsoft SQL Server 7.0: the sa password is stored in plaintext in a log file (sqlsp.log) readable by any user. This vulnerability is described as the "SQL Server 7.0 Service Pack Password" issue. Public references in the provided documents point ...

CVE-2000-0402

The Mixed Mode authentication capability in Microsoft SQL Server 7.0 stores the System Administrator sa account in plaintext in a log file which is readable by any user, aka the "SQL Server 7.0 Service Pack Password" vulnerability...

CVE-2000-0202

CVE-2000-0202 affects Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0. A malformed SELECT statement in an SQL query allows remote attackers to gain privileges. The connected OpenVAS entry corroborates multiple MSSQL vulnerabilities; however, exploitation details, affected versions b...

CVE-2000-0199

CVE-2000-0199 affects Microsoft SQL Server 7.0 via Enterprise Manager when the “Always prompt for login name and password” option is not set; the login credentials are stored with weak encryption. The connected Nessus entry also describes a potential local privilege escalation by authenticated us...